<?php

class Acl
{
	static public function check($role, $user = null)
	{
		$userRoles = self::getPermissions($user);

		return true;
	}

	static public function create($role)
	{

	}

	static public function getPermissions($user = null)
	{
		static $cache = array();

		if ($user === null) $user == Session::currentUser();

		if (isset($cache[$user])) return $cache[$user];

		$list = array();

		self::loadLinks($list, $user);

		$cache[$user] = $list;

		return $list;
	}

	static protected function loadLinks(&$list, $role)
	{
		$result = Data::all('SELECT * FROM role WHERE from = '.Data::prepareValue($role));

		foreach ($result as $role) {
			if ($role['type'] == self::TYPE_PERMISSION) {
				$list[] = $role['to'];
			} else {
				loadLinks($list, $role['name']);
			}
		}
	}
}

class AclRole
{
	protected $name;
	protected $type;

	const TYPE_PERSON = 'person';
	const TYPE_GROUP = 'group';
	const TYPE_ROLE = 'role';
	const TYPE_PERMISSION = 'permission';

	public function __construct($name, $type = self::TYPE_PERMISSION)
	{
		$this->name = $name;
		$this->type = $type;
	}
}

?>